Re: [Rift] Status update on security interop testing between RIFT-Juniper and RIFT-Python

Tony Przygienda <tonysietf@gmail.com> Wed, 17 July 2019 12:58 UTC


splendid & as usual thanks for the work Bruno ;-)  Zero protocol
interop-problems result speaks for itself as to quality of the spec I guess
[albeit to be honest we had a chat about the nonces, I'll update folks @
IETF] ;-) For me as matter of interest if any security person cares to
chime in; how important is HMAC-SHA-256 vs. SHA-256 ? I looked @ trade-offs
on SHA-224 ... SHA-512 and looks like SHA-256 was about the sweet-spot in
size/security/library support on all kind of systems, that's why I went for
it in first iteration.

I know that I changed yaml file keywords but I realized that we'll have a
clash in the future with key/value implementation in RIFT itself if we call
security-keys just "keys" so it was better eating crow now ...

The per-interface vs. node model on outer key is largely convenience. I
prefer an outer configuration system/model like YANG or NETCONF to
support that kind of inheritance hierarchy from experience since it
complicates very quickly protocol implementation itself otherwise given
possible semantic contradictions and so on ...

--- tony


On Wed, Jul 17, 2019 at 5:41 AM Bruno Rijsman <brunorijsman@gmail.com>
wrote:

> Status update on security interop testing between RIFT-Juniper and
> RIFT-Python:
>
> The outer keys are now interoperating fine.
>
> (A) As expected, the adjacency between RIFT-Juniper and RIFT-Python comes
> up to state 3way, when
>
>   (A1) authentication is disabled or
>
>   (A2) authentication is enabled with the same active keys or
>
>   (A3) authentication is enabled with different active keys and
> corresponding accept keys.
>
> (B) As expected, the adjacency between RIFT-Juniper and RIFT-Python does
> not come up to state 3way, when
>
>   (B1) Authentication is enabled on one side but not the other side
>
>   (B2) Authentication is enabled with different active keys and without
> corresponding accept keys
>
> Challenges along the way:
>
>   (C1) Juniper uses SHA-256(key + payload) whereas RIFT-Python uses
> HMAC-SHA-256(key, payload).  Solution: add support for SHA-256(key +
> payload) to RIFT-Python (in addition to HMAC-SHA-256).
>
>   (C2) RIFT-Juniper used different YAML configuration keywords than
> RIFT-Python.  Solution: change RIFT-Python to use the same configuration
> keywords.
>
>   (C3) RIFT-Juniper only supports configuration of outer keys on a
> per-interface basis, whereas RIFT-Python supports configuring the outer keys
> on a per-node and per-interface basis with an inheritance rule.  Solution:
> for interop testing, only use per-interface configuration.
>
>   (C4) RIFT-Juniper only supports SHA-256, whereas RIFT-Python also
> supports other key lengths (e.g. SHA-224, SHA-384, and more).  Solution:
> limit interop testing to SHA-256.
>
> All four of these issues are implementation issues, and none of these
> issues require any changes to the draft.
>
> Next step: finish interop testing for the origin keys. (I plan to do this
> Thursday morning, Netherlands time)
>
> — Bruno
>
>
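The two fingerprint constructions from point (C1), written out as an added example (not code from RIFT-Python or RIFT-Juniper): SHA-256(key + payload) is a plain Merkle-Damgard hash of the concatenation, so a valid fingerprint over one payload can be extended to a longer payload without knowing the key, whereas HMAC's nested inner/outer hashing (RFC 2104) does not expose that state, which is the practical difference behind the HMAC-SHA-256 vs. SHA-256 question above. The algorithm names, key and payload bytes below are constructed placeholders, not the YAML keywords or packet bytes of either implementation.

```python
import hashlib
import hmac

# Constructed sample values (placeholders, not real RIFT outer keys or envelopes).
KEY = b"example-outer-key"
PAYLOAD = b"constructed RIFT envelope payload"
BLOCK_SIZE = 64  # SHA-256 compression block size in bytes


def fingerprint_sha256_prefix(key: bytes, payload: bytes) -> bytes:
    """Secret-prefix construction SHA-256(key + payload) as described for RIFT-Juniper."""
    return hashlib.sha256(key + payload).digest()


def fingerprint_hmac_sha256(key: bytes, payload: bytes) -> bytes:
    """HMAC-SHA-256(key, payload) spelled out per RFC 2104 so the nested
    structure is visible; equivalent to hmac.new(key, payload, "sha256")."""
    if len(key) > BLOCK_SIZE:          # long keys are hashed down first
        key = hashlib.sha256(key).digest()
    key = key.ljust(BLOCK_SIZE, b"\x00")
    ipad = bytes(b ^ 0x36 for b in key)
    opad = bytes(b ^ 0x5C for b in key)
    inner = hashlib.sha256(ipad + payload).digest()
    # The outer hash over (opad || inner) is what an extension of the
    # payload cannot reproduce without the key.
    return hashlib.sha256(opad + inner).digest()


# Hypothetical algorithm identifiers for a verifier that, like RIFT-Python
# after (C1), accepts both constructions depending on configuration.
ALGORITHMS = {
    "sha-256": fingerprint_sha256_prefix,
    "hmac-sha-256": fingerprint_hmac_sha256,
}


def verify(algorithm: str, key: bytes, payload: bytes, received: bytes) -> bool:
    """Recompute the fingerprint with the configured algorithm and compare in
    constant time so the verifier does not leak how many bytes matched."""
    expected = ALGORITHMS[algorithm](key, payload)
    return hmac.compare_digest(expected, received)


def matches_stdlib_hmac(key: bytes, payload: bytes) -> bool:
    """Cross-check the hand-written HMAC against the standard library."""
    reference = hmac.new(key, payload, "sha256").digest()
    return hmac.compare_digest(fingerprint_hmac_sha256(key, payload), reference)
```

A peer configured for one construction rejects fingerprints produced with the other even under the same key, which is exactly the (C1) mismatch the interop test exposed.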